# Copyright 2019 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# NOTE: This file is auto generated by the elixir code generator program.
# Do not edit this file manually.

defmodule GoogleApi.IAM.V1.Model.GoogleIamAdminV1WorkforcePoolProviderOidc do
  @moduledoc """
  Represents an OpenId Connect 1.0 identity provider.

  ## Attributes

  *   `clientId` (*type:* `String.t`, *default:* `nil`) - Required. The client ID. Must match the audience claim of the JWT issued by the identity provider.
  *   `clientSecret` (*type:* `GoogleApi.IAM.V1.Model.GoogleIamAdminV1WorkforcePoolProviderOidcClientSecret.t`, *default:* `nil`) - Optional. The optional client secret. Required to enable Authorization Code flow for web sign-in.
  *   `issuerUri` (*type:* `String.t`, *default:* `nil`) - Required. The OIDC issuer URI. Must be a valid URI using the `https` scheme.
  *   `jwksJson` (*type:* `String.t`, *default:* `nil`) - Optional. OIDC JWKs in JSON String format. For details on the definition of a JWK, see https://tools.ietf.org/html/rfc7517. If not set, the `jwks_uri` from the discovery document(fetched from the .well-known path of the `issuer_uri`) will be used. Currently, RSA and EC asymmetric keys are supported. The JWK must use following format and include only the following fields: { "keys": [ { "kty": "RSA/EC", "alg": "", "use": "sig", "kid": "", "n": "", "e": "", "x": "", "y": "", "crv": "" } ] }
  *   `webSsoConfig` (*type:* `GoogleApi.IAM.V1.Model.GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfig.t`, *default:* `nil`) - Required. Configuration for web single sign-on for the OIDC provider. Here, web sign-in refers to console sign-in and gcloud sign-in through the browser.
  """

  use GoogleApi.Gax.ModelBase

  @type t :: %__MODULE__{
          :clientId => String.t() | nil,
          :clientSecret =>
            GoogleApi.IAM.V1.Model.GoogleIamAdminV1WorkforcePoolProviderOidcClientSecret.t() | nil,
          :issuerUri => String.t() | nil,
          :jwksJson => String.t() | nil,
          :webSsoConfig =>
            GoogleApi.IAM.V1.Model.GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfig.t() | nil
        }

  field(:clientId)

  field(:clientSecret,
    as: GoogleApi.IAM.V1.Model.GoogleIamAdminV1WorkforcePoolProviderOidcClientSecret
  )

  field(:issuerUri)
  field(:jwksJson)

  field(:webSsoConfig,
    as: GoogleApi.IAM.V1.Model.GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfig
  )
end

defimpl Poison.Decoder, for: GoogleApi.IAM.V1.Model.GoogleIamAdminV1WorkforcePoolProviderOidc do
  def decode(value, options) do
    GoogleApi.IAM.V1.Model.GoogleIamAdminV1WorkforcePoolProviderOidc.decode(value, options)
  end
end

defimpl Poison.Encoder, for: GoogleApi.IAM.V1.Model.GoogleIamAdminV1WorkforcePoolProviderOidc do
  def encode(value, options) do
    GoogleApi.Gax.ModelBase.encode(value, options)
  end
end
